As the CEO of Colonial Pipeline testifies before the Senate Homeland Security Committee on Tuesday about last month’s ransomware attack on the major fuel pipeline to the U.S. East Coast, legislators, and government officials have started to air the idea of making ransom payments illegal in some cases.
Colonial Pipeline’s chief executive Joseph Blount is appearing before Congress this week to testify, a month after the pipeline operator had to shut down operations for five days, which led to gasoline shortages and a spike in prices.
Roughly two weeks after the cyberattack on Colonial Pipeline’s computer systems by DarkSide, a suspected Russian group of hackers, Blount told The Wall Street Journal that the pipeline operator paid $4.4 million in ransom to the attackers.
Yesterday, the U.S. Department of Justice said that it had recovered and seized $2.3 million in bitcoin of that ransom.
“Today’s announcements also demonstrate the value of early notification to law enforcement; we thank Colonial Pipeline for quickly notifying the FBI when they learned that they were targeted by DarkSide,” the DoJ said in a statement.
Although the FBI discourages ransom payments because they “are the fuel that propels the digital extortion engine,” as the DoJ said on Monday, in some cases, companies pay the money because they don’t know how seriously their systems have been breached.
A ban on ransomware payments could leave some energy companies in an impossible position and without recourse if their systems are breached.
Colonial Pipeline’s Blount said he didn’t make the decision to pay the ransom to DarkSide lightly.
Related: How An Oil Pipeline Hack Sent Bitcoin Prices Tumbling
“I will admit that I wasn’t comfortable seeing money go out the door to people like this,” he told the Journal last month. “But it was the right thing to do for the country,” Blount added.
In the wake of the ransomware attack on Colonial Pipeline, cybersecurity has been a hot topic in Washington.
This weekend, U.S. Secretary of Energy Jennifer Granholm said there are malign cyber actors capable of shutting down the U.S. power grid or parts of it, and added that companies paying ransomware only exacerbates the cyberattack problem, and no one should be paying ransomware.
By Tsvetana Paraskova for Oilprice.com
More Top Reads From Oilprice.com:
Tsvetana is a writer for Oilprice.com with over a decade of experience writing for news outlets such as iNVEZZ and SeeNews.